none
OAuth 2.0 to authenticate from Office App & prevent login window to open as popup RRS feed

  • Question

  • Hi,

    I am developing an Office App/Addin where users are authenticated from Azure AD by using OAuth 2.0. I am getting authorization code from https://login.microsoftonline.com/common/oauth2/v2.0/authorize or https://login.microsoftonline.com/common/oauth2/authorize via JavaScript.

    The problem is that when user enter username and password on Microsoft Azure Login Page and click on "Sign in", it opens login page outside Word App. I want that all login process should remain inside Word App. The following is the JavaScript code & images

      var replyUrl = window.location;
      var resource = "https://cancerdk365.sharepoint.com";
      var authServer = 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize?';
      var endpointUrl = getEndpointUrl();
      var responseType = 'id_token+token';

      var url = authServer +
        "response_type=" + encodeURI(responseType) + "&" +
        "client_id=" + encodeURI(clientId) + "&" +
        "scope=profile%20openid%20https://graph.microsoft.com/User.Read&" +
        "response_mode=fragment&" +
        "state=aad_login&nonce=AW3a8&" +
        "redirect_uri=" + encodeURI(replyUrl);

         window.location = url;

    Regards.

    Aftab Ahmad


    Tuesday, July 19, 2016 7:55 PM

Answers

All replies

  • Hi Aftab Ahmad-,

    We are doing the research about your problem. There might be some delay about the response. Appreciate your patience.

    Thanks for your understanding.
    Thursday, July 21, 2016 5:32 AM
  • Hi,

    Ok. Thanks. I am waiting. Can you tell how much approximately time it can take?

    Regards.

    Aftab Ahmad

    Thursday, July 21, 2016 1:29 PM
  • Hi Aftab Ahmad,

    According to your description, as far as I know that Office runs a task pane add-in on the user's computer. Your add-in opens a pop-up window to start the authentication flow. Add-ins cannot start authentication flows directly because add-ins, depending on the platform used, may run in an IFRAME. For security reasons, OAuth sign-in pages can't be displayed in an IFRAME.

    For more information, click here to refer about Use the OAuth authorization framework in an Office Add-in

    So I suggest that you could submit any feedback to Office Dev UserVoice:

    https://officespdev.uservoice.com/

    Thanks for your understanding. 
    • Proposed as answer by David_JunFeng Tuesday, August 2, 2016 2:42 PM
    • Marked as answer by David_JunFeng Tuesday, August 2, 2016 2:42 PM
    Monday, July 25, 2016 9:03 AM
  • Hi David,

    Should we conclude that you cannot use OAuth in Office addins or in other words OAuth incompatible with Office Apps?

    Regards.

    Aftab Ahmad

    Tuesday, August 2, 2016 7:52 PM
  • I have solved now this from the link https://xomino.com/2016/05/30/obtain-an-office-365-oauth-token-from-within-an-office-add-in-without-pop-ups-or-dialogs/ but if there is ADFS involved then it opens again in popup.

    Regards.

    Aftab Ahmad

    • Marked as answer by Aftab Ahmad- Saturday, August 13, 2016 9:03 PM
    Saturday, August 13, 2016 9:03 PM